Seeing the potential threat of fraud in elections, an application was made by utilizing technological advancements. This electronic general election is known as e-election. This e-election application will facilitate the process of sending general election data. However, in addition to providing convenience in the general election, e-election application also requires security aspects. This safety aspect is needed to prevent frauds that will occur.
In this case the e-election application will create a secure e-election protocol by utilizing cryptographic functions and fingerprint technology. The function of cryptography to encrypt voter data and fingerprints is interpreted as fingerprints that signify ownership or human identification that only belongs to different individuals. The ID is used as authentication in the secure e-election protocol. On this occasion, we will discuss the mechanism of the secure e-election protocol and then it will also discuss whether this protocol is secure enough or not.
Here’s how the e-election protocol works
1) Voters log in the application at TPS by entering their fingerprint on the fingerprint reader. Then the application will encrypt the Tc timestamp and fingerprint using the TPS private key. This delivery process uses the RSA algorithm. The Rivest Shamir Adleman (RSA) algorithm is asymmetric cryptography with the use of two different keys in the encryption and decryption process. Where there are two pairs of keys, namely public key and private key. The public key is commonly used for encryption while the private key is confidential is used for the decryption process.
2) The server will verify the fingerprint with the database server. Then the server will encrypt the Ts timestamp and fingerprint using the server’s private key. After that send Ss (SidikJari | Ts) together with the Tc + 1 timestamp sent by TPS encrypted using TPS public keys.
3) TPS will verify the Tc timestamp sent with the Tc + 1 timestamp received from the server. If the timestamp matches, then the choice will be sent to the server in an encrypted manner along with the results of encryption of the hash of the choice and timestamp Ts +1. To ensure data integrity this application uses the SHA-1 hash algorithm. Secure Hash Standard (SHS) specifies SHA-1 to calculate the hash value of a message or file. SHA-1 has a maximum message length of 264 bits and has an output of 160 bits called message digest or hash code. Every change that occurs in a message during a trip will result in a different message digest. The SHA1 algorithm is based on the MD4 algorithm.
4) The server responds to the selected results by creating a digital signature against the chosen Ss (H (Optional)) and sends them encrypted together with Choice and timestamp Ts + 2. Then TPS will verify the decryption results of the H digital signature (Options) with the result of the Choice hash and timestamps sent with Ts + 2 are received. The output of the SHA algorithm is called message digest or hash code. The digest message can be used as input for the Digital Signature Algorithm (DSA), which is used to generate a signature to verify the message.